12 minute read
OVERCOMING THE PANDEMIC
SIMON BENNETT, CTO, EMEA, RACKSPACE TECHNOLOGY, LISTS KEY STEPS EVERY BUSINESS MUST TAKE TO TACKLE THE CORONAVIRUS CRISIS.
We’re experiencing a tectonic shift in working practices witnessed by any living generation, with all industries simultaneously having to learn and adapt to serving their customers with a remote workforce. Technology has been instrumental in most organisations’ business continuity throughout this period, yet it hasn’t been easy sailing. This unprecedented situation uncovered and accentuated a number of challenges that IT teams will need to overcome to continue supporting their businesses over the coming months.
Advertisement
Whilst lockdown 2.0 took place across EMEA, business leaders needed to adjust to a more permanent period of uncertainty than anyone could have expected and quickly overcome these issues - most of which are not quick fixes. The biggest, according to research commissioned by Rackspace Technology, were a need for business continuity programmes; a lack of adaptability to change; a lack of preparedness for different working arrangements; and not having enough employees with the right skills.
The pressure is now on for organisations to overcome these obstacles with longer-term strategies. So how can this be done?
Improving adaptability to better prepare for the unknown
The biggest challenge that EMEA businesses uncovered during the pandemic was a need for business continuity programmes (44%), whilst they reported the second as being a lack of adaptability to change (34%). This reflects the findings from Leesman, which previously cited the UK as amongst the least prepared countries to deal with a mass home-working strategy.
Most organisations are having to shift their operations beyond recognition as a result of the pandemic and its mid-term impact on their operations. For many, this means completely reformulating their business continuity plans to prepare for the next wave of the unknown as well as establishing adaptable processes that can support the business in navigating the evolving situation.
The cloud underpins many businesses’ ability to continue operating services virtually and to support their entire workforce remotely. Those that had
migrated to the cloud, or had already started the migration prior to or at the beginning of lockdown, found that the shift to cloud turned out to be critical to enabling remote workforces.
For example, a UK public sector organisation, the Central and North West London NHS Foundation Trust’s (CNWL) revealed it may have not been able to support patients without its migration to the cloud, as most healthcare was in-person. However, the Trust has now been able to adapt to provide many of their services remotely, for example with the use of online tests and video calls.
As a result of these reported benefits of the cloud to remote working, we’re seeing many companies increasing their investments in the cloud services that underpin their ability to scale up and down, deliver better online experience, and support their entire workforce to work productively from home. Whilst the majority of businesses (67%) were already either in progress or planning to move to a multi or hybrid cloud model in 2020, and 74% had started or planned to develop cloud-based solutions, the pandemic has given rise to three quarters (73% and 76% respectively) bringing their projects forward.
Will remote working, work tomorrow?
IT leaders also felt that the pandemic had exposed their lack of preparedness for different working arrangements (28%). Nearly six months after the coronavirus upended our traditional working practices, businesses across the world are grappling to turn their temporary fixes into more sustainable processes that will support many employees that expect to work from home for the foreseeable future.
This means employing the right technology solutions to ensure workers can be as productive and efficient at home as they are in the office.. Whether that means migrating to the cloud to ensure easy access to tools and documents from remote locations, or implementing collaboration tools that enable quicker, easier, and simpler communication between employees but at the same time remaining secure.
But it’s important that this challenge isn’t just viewed in the context of a technical fix. Businesses will also need to reassess processes and ensure employee benefits packages reflect a remote working structure. For example, this may involve providing the right physical set-up to ensure people can work comfortably, or launching wellness programmes to support the emotional and mental health of their employees.
Identifying where new skills can help you thrive
Technology is, and will continue to be, a key driver in helping businesses adapt to what lies ahead. But as many accelerate transformation projects to help them take advantage of its benefits today, many have uncovered that they lack the right skills. In fact, 28% of EMEA businesses reported that the COVID-19 crisis highlighted their workforce doesn’t have the right skillsets.
To overcome this, organisations first need to identify which skills they are missing that their business model relies on. It is then vital that employees are up- and re-skilled appropriately to fill these critical skills gaps. This will likely involve launching tailored training programmes that not only provide employees with the necessary learning, but that can be completed from the home environment.
But training and reskilling can take time, and - particularly in a pandemic - time is of the essence. Organisations should therefore also take advantage of working with third parties to help plug their skills gaps and elevate their teams’ capabilities as quickly as possible, to ensure they can deliver the critical transformation needed to survive these difficult times.
The right technology and people to cope with future disruption
At the start of the pandemic, organisations had to act fast with quick, tactical responses to the unexpected disruption, to ensure they could continue to function as a business. This in turn uncovered areas that needed attention, whether it was the business continuity plans they had in place- or lack thereof – or the lack of skills they had to implement the long-term solutions needed to cope with ongoing disruption.
As a result, the next phase for organisations will be addressing these immediate issues to build both agility and resiliency into the business, which will help them overcome the challenges presented by any future unexpected events – COVID-19 or otherwise.
PROTECTING ALL PATHS TO DATA
IN ASSOCIATION WITH IMPERVA, CXO INSIGHT ME BROUGHT TOGETHER A SELECT GROUP OF CIOS AND CISOS IN THE REGION TO SHARE KNOWLEDGE AROUND BEST PRACTICES FOR APPLICATION AND DATA SECURITY
One of the global pandemic consequences is a record-breaking rise in cybercrime, targeting your organisation’s most precious asset - data. With IT environments getting highly distributed, and employees working from home, organisations in the Middle East are forced to rethink their security strategies. It is important more than ever for IT and security leaders to understand the risk posture of their organisation, under a totally new set of circumstances.
The roundtable discussion, which attracted IT and security leaders from the GCC countries, brought to the fore some of the daunting challenges around application and data security. The event was kicked off by Terry Ray, SVP Strategy for Finance and Healthcare, and an Imperva Fellow, who said data is the most important resource on the planet. “Most people think of Imperva as either an application security or data security company, but the truth is we protect both. In 2019, attackers exfiltrated 11.3 billion records by targeting applications and APIs. In reality, we lost around 15 billion records because the other four billion were stolen from databases. We find that enterprises are struggling to identify malicious data access and distinguish between the right type and the wrong type of user.”
He stated that modern requirements for data security have grown beyond traditional database activity monitoring. “There are two types of threats to data – insider and external and most organisations struggle with the latter. If you already have a WAF, the question you need to ask is if it is turned on and blocking everything that you can stop? How fast can you mitigate DDoS attacks?”
He added that digital transformation has upended how security works. “While organisations are transforming and modernising applications, you have more assets that connect to a database, which means you need to have security and visibility around them. Securing applications and data modernisations is a rapidly changing target, and the fragmented technology ecosystem is complex to secure.”
Ray listed three critical challenges that users face today when it comes to data security: “Do you have the ability to monitor and protect everything in your environment? Can you increase the value of the data you are collecting and make it more usable? How can you reduce the overall TCO of your security and compliance programme?”
Talking about his company’s track record and what sets us apart from its competitors, Ray said Imperva blocks more than 22 billion attacks every month. “Most people use application security for monitoring but not for blocking, and that is not the case with Imperva. With the help of some specific technologies such as dynamic profiling, Imperva’s products can identify good and bad behaviour accurately. We have built technologies that give you the flexibility to decide what works best for your environment.”
Ray also pointed out some of the unique capabilities of Imperva around edge security, which is the company’s SaaS-based offering for both WAF protection and DDoS mitigation. “We have embedded CDN in our anti-DDoS solution, and the big value for our customers is that it all sits in a single stack. What this means is that where we have a PoP, we have everything. If something bad happens, we don’t have to push you over to another PoP to do mitigation; we do everything in-country. We have 50 PoPs worldwide, including one in Dubai, and we are expanding that infrastructure. Our value proposition is that because everything stays in one location, it gives us the ability to have the lowest SLAs for application-layer DDoS – in less than three seconds. Our nearest competitor does this in 45 minutes.”
He went on add that modern-day threats have evolved beyond web application firewalls, which have been around since the late 90s. Application security is more than just WAF. In addition to applications, organisations are looking to protect APIs, manage bot traffic, and prevent data thefts from client-side attacks. Our security technologies have also evolved, along with threats, he said.
Participating in the discussion, Morgan Jay, Assistant VP, EMEA South and Middle East, Imperva, said the Middle East a very important region for the company. “It’s one of the fastest-growing regions globally. We have doubled our resources this year, and we are expanding here. We have recently acquired a database security company called jSonar, which has a sweet spot in the Middle East.”
STAYING ON TOP
SANJEEV WALIA, FOUNDER AND PRESIDENT OF SPIRE SOLUTIONS, TALKS ABOUT THE VAD’S PARTICIPATION AT GISEC THIS YEAR AND MARKET OUTLOOK FOR 2021.
Tell us about Spire Solutions and the nature of its business.
Spire Solutions is Middle East and Africa’s leading value-added distributor (VAD), exclusively representing some of the world’s most capable vendors offering niche cybersecurity solutions and services.
Driven by a strong dedication to customer success, Spire Solutions has built a reputation of being the preferred security partner to CISOs in the region.
For our technology partners, Spire Solutions has always been a force multiplier in the region and will continue to be regardless of where the technology company is in its lifecycle.
Since 2008, we have served over 1,000 government and enterprise customers, introduced over 50 niche cybersecurity vendors to the region and built a channel of 500 plus partners and resellers.
What is COVID-19’s impact on the cyber security industry and particularly your business?
COVID-19 has disrupted the entire world adversely, and its impact is felt across all industries, including the cybersecurity industry.
Threat actors have been exploiting the pandemic to target government entities and private sector organisations in various ways. From phishing campaigns on unsuspecting individuals to sophisticated targeted attacks, different tactics, techniques, and procedures are being used to launch cyber-attacks.
We have been working extra hard over the last six to eight months to ensure that we are assisting our customers in proactively detecting, mitigating and responding to risks, threats and attacks, while they focus on continuity and availability of their core businesses.
Spire Solutions has been associated with GISEC for a very long time. What is your opinion on the show and its importance to the region?
Since its inception, we have supported GISEC and see it as a melting pot for the regional cybersecurity industry. GISEC is a highly effective platform for us to continue our ongoing discussions with customers and showcase our new capabilities; provide visibility and market access to vendors in our portfolio; reconnect with partners across the region; and nurture existing relationships while also building new ones.
Given that GISEC is hybrid this year, we look forward to leveraging both the physical and virtual platforms to continue helping the region with its cybersecurity efforts.
What can we expect from Spire Solutions during the five days of GISEC? What’s new?
We are showcasing multiple cybersecurity technologies this year and have lined up a fantastic list of thought leaders to share knowledge during various conference sessions on the main stage and X labs. Several of our technology partners are showcasing for the first time at GISEC so the participants can expect lots of thoughtprovoking discussions, presentations, and demos.
Our goal is to help CISOs automate vulnerability and risk management; lay the foundation for ZERO trust; visualise their SOC with 3D; drive sec-ops with threat intel; encrypt their crown jewels and build quantum resilience; proactively hunt for threats across networks and endpoints; and enhance their respective organisations’ overall security posture, continuously.
What is your focus for 2021, and what can the region look forward to?
With increased adoption of remote work and rapid transformations enabled by digitisation, cloud migration, internet of things (IoT), artificial intelligence (AI), machine learning (ML), fintech, blockchain, mobile apps, smart devices and social media penetration, we foresee that cyber criminals and threat actors will be having a field day. Therefore, our focus – rather a mantra – will be to continue helping customers understand their security blind spots and solving regional cyber security challenges proactively.
From understanding current and emerging cybersecurity risks and challenges to solving them with practical solutions and services, we will ensure that our customers and partners find maximum value from their engagement with us.
